Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c/284d4c10-8edb-3aae-b7cf-7eb2562a371e.roa
File:                     284d4c10-8edb-3aae-b7cf-7eb2562a371e.roa (raw, json)
Hash identifier:          sM5lYAVfvIDEzln2eY88KpEpLpayTI81enPFmTegXwI=
Subject key identifier:   B2:0F:90:99:A2:4A:B4:F3:91:EB:89:67:FE:A4:EA:6D:75:FB:62:F8
Certificate issuer:       /CN=18800324-5150-4981-a144-bdb80e6bcb7c
Certificate serial:       010D0C9F432858387263CFBFF146957730C89200
Authority key identifier: 11:6B:47:33:36:D9:E8:9D:B5:96:1B:5E:EF:A3:40:22:AE:DE:69:B6
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c/284d4c10-8edb-3aae-b7cf-7eb2562a371e.roa
Signing time:             Wed 30 Dec 2020 05:00:00 +0000
ROA not before:           Wed 30 Dec 2020 05:00:00 +0000
ROA not after:            Tue 04 Apr 2023 04:00:00 +0000
asID:                     1239
IP address blocks:        172.252.28.0/24 maxlen: 24
                          172.252.3.0/24 maxlen: 24
                          172.252.23.0/24 maxlen: 24
                          172.252.25.0/24 maxlen: 24
                          172.252.54.0/24 maxlen: 24
                          172.252.55.0/24 maxlen: 24
                          172.252.135.0/24 maxlen: 24
                          172.252.136.0/24 maxlen: 24
                          172.252.137.0/24 maxlen: 24
                          172.252.139.0/24 maxlen: 24
                          172.252.141.0/24 maxlen: 24
                          172.252.145.0/24 maxlen: 24
                          172.252.149.0/24 maxlen: 24
                          172.252.161.0/24 maxlen: 24
                          172.252.162.0/24 maxlen: 24
                          172.252.168.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:38:72:63:cf:bf:f1:46:95:77:30:c8:92:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18800324-5150-4981-a144-bdb80e6bcb7c
        Validity
            Not Before: Dec 30 05:00:00 2020 GMT
            Not After : Apr  4 04:00:00 2023 GMT
        Subject: CN=978500f9-3aae-4a80-977b-9facc17a0ba0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:d6:d8:30:8c:4f:53:83:e9:34:b8:43:fc:96:
                    72:05:a1:07:38:6f:e2:2b:95:24:2a:c4:fd:ff:59:
                    83:04:22:fd:92:37:14:2d:f4:a9:0c:d3:cb:8f:08:
                    4a:f0:73:d6:7e:dc:4b:57:94:b6:69:49:b4:6e:0b:
                    c5:f3:c4:e2:74:26:57:18:3e:dc:c1:f2:d4:47:8b:
                    13:ce:ac:33:48:8a:7e:da:ea:ff:48:be:ac:51:7b:
                    51:74:97:7d:df:5e:ec:a1:30:4c:f2:36:5d:79:2e:
                    fd:83:ed:4f:e7:44:54:85:e4:15:1e:7b:56:11:d4:
                    ff:ea:9f:14:a6:58:5d:39:66:9e:2a:82:84:51:5a:
                    dc:a0:e5:f1:b2:94:17:00:97:d1:8b:b5:c9:f0:6d:
                    a7:58:6e:83:76:49:4f:6f:f8:99:fc:70:0d:b2:73:
                    0d:36:c1:4a:23:c5:b3:38:61:ba:1e:96:5b:b1:4a:
                    8a:66:45:be:4c:60:82:c6:62:78:80:12:72:4d:b1:
                    7c:11:6c:fe:6d:74:a3:55:74:30:45:bd:dd:94:0f:
                    c7:07:d4:af:ec:c0:98:ed:bb:2f:ae:e9:61:23:f2:
                    4e:6b:aa:b4:03:a7:56:f7:39:fa:94:4b:66:61:b4:
                    32:09:c5:81:30:de:34:67:90:19:c9:38:75:0f:1e:
                    60:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:0F:90:99:A2:4A:B4:F3:91:EB:89:67:FE:A4:EA:6D:75:FB:62:F8
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c/284d4c10-8edb-3aae-b7cf-7eb2562a371e.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c/18800324-5150-4981-a144-bdb80e6bcb7c.crl

            X509v3 Authority Key Identifier:
                keyid:11:6B:47:33:36:D9:E8:9D:B5:96:1B:5E:EF:A3:40:22:AE:DE:69:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  172.252.3.0/24
                  172.252.23.0/24
                  172.252.25.0/24
                  172.252.28.0/24
                  172.252.54.0/23
                  172.252.135.0-172.252.137.255
                  172.252.139.0/24
                  172.252.141.0/24
                  172.252.145.0/24
                  172.252.149.0/24
                  172.252.161.0-172.252.162.255
                  172.252.168.0/24

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         0d:e9:04:fb:f9:55:08:0f:00:2f:41:1b:eb:be:ad:86:58:a8:
         1b:ef:13:70:ac:e6:9f:b6:a4:39:65:31:69:fa:c8:1d:31:be:
         9d:d1:84:98:e1:93:8b:8d:bd:1d:e6:d7:c0:f9:f1:f8:71:bb:
         49:8c:3d:ac:89:9f:b6:67:46:a5:8a:d0:24:0e:ef:78:1d:64:
         39:bd:5f:51:8c:12:93:81:7b:ae:d0:3c:15:f9:5d:90:17:7e:
         b6:0d:50:46:a4:b2:61:5a:40:74:30:2c:3d:da:a8:35:f7:04:
         14:f9:bd:a9:27:1c:01:9f:80:35:fe:37:70:7c:6f:72:39:a8:
         d9:9d:7c:df:43:24:db:31:76:a6:67:8f:c4:dc:13:d2:76:55:
         cf:72:2e:2d:80:4f:14:d8:8d:22:55:02:64:37:89:bc:6f:9b:
         2a:43:90:0c:a9:58:4c:74:61:b6:98:1b:78:13:0a:16:27:b7:
         ca:ce:f1:f2:e3:80:4a:17:51:3b:e7:81:44:ba:d1:81:e3:3f:
         25:2b:0f:55:90:3a:5b:f9:59:8e:56:64:93:1b:bd:fd:b4:07:
         55:4d:17:13:43:8f:db:68:11:cb:68:4f:39:6c:ab:65:f1:2a:
         ce:44:2c:9f:6d:2d:86:f8:49:c5:d8:3d:cd:7c:c6:97:57:de:
         cc:8d:75:df
-----BEGIN CERTIFICATE-----
MIIGlTCCBX2gAwIBAgIUAQ0Mn0MoWDhyY8+/8UaVdzDIkgAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkMTg4MDAzMjQtNTE1MC00OTgxLWExNDQtYmRiODBlNmJj
YjdjMB4XDTIwMTIzMDA1MDAwMFoXDTIzMDQwNDA0MDAwMFowLzEtMCsGA1UEAxMk
OTc4NTAwZjktM2FhZS00YTgwLTk3N2ItOWZhY2MxN2EwYmEwMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvdbYMIxPU4PpNLhD/JZyBaEHOG/iK5UkKsT9
/1mDBCL9kjcULfSpDNPLjwhK8HPWftxLV5S2aUm0bgvF88TidCZXGD7cwfLUR4sT
zqwzSIp+2ur/SL6sUXtRdJd9317soTBM8jZdeS79g+1P50RUheQVHntWEdT/6p8U
plhdOWaeKoKEUVrcoOXxspQXAJfRi7XJ8G2nWG6DdklPb/iZ/HANsnMNNsFKI8Wz
OGG6HpZbsUqKZkW+TGCCxmJ4gBJyTbF8EWz+bXSjVXQwRb3dlA/HB9Sv7MCY7bsv
rulhI/JOa6q0A6dW9zn6lEtmYbQyCcWBMN40Z5AZyTh1Dx5gFQIDAQABo4IDpzCC
A6MwHQYDVR0OBBYEFLIPkJmiSrTzkeuJZ/6k6m11+2L4MIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzc0NmUwMTExLWZhZmItNDMwZi1iNzc4LWQyMDRjZmNkOTlhOC8xODgw
MDMyNC01MTUwLTQ5ODEtYTE0NC1iZGI4MGU2YmNiN2MvMjg0ZDRjMTAtOGVkYi0z
YWFlLWI3Y2YtN2ViMjU2MmEzNzFlLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy83NDZlMDExMS1m
YWZiLTQzMGYtYjc3OC1kMjA0Y2ZjZDk5YTgvMTg4MDAzMjQtNTE1MC00OTgxLWEx
NDQtYmRiODBlNmJjYjdjLzE4ODAwMzI0LTUxNTAtNDk4MS1hMTQ0LWJkYjgwZTZi
Y2I3Yy5jcmwwHwYDVR0jBBgwFoAUEWtHMzbZ6J21lhte76NAIq7eabYwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzc0NmUwMTExLWZhZmItNDMw
Zi1iNzc4LWQyMDRjZmNkOTlhOC8xODgwMDMyNC01MTUwLTQ5ODEtYTE0NC1iZGI4
MGU2YmNiN2MuY2VyMHEGCCsGAQUFBwEHAQH/BGIwYDBeBAIAATBYAwQArPwDAwQA
rPwXAwQArPwZAwQArPwcAwQBrPw2MAwDBACs/IcDBAGs/IgDBACs/IsDBACs/I0D
BACs/JEDBACs/JUwDAMEAKz8oQMEAKz8ogMEAKz8qDBUBgNVHSABAf8ESjBIMEYG
CCsGAQUFBw4CMDowOAYIKwYBBQUHAgEWLGh0dHBzOi8vd3d3LmFyaW4ubmV0L3Jl
c291cmNlcy9ycGtpL2Nwcy5odG1sMA0GCSqGSIb3DQEBCwUAA4IBAQAN6QT7+VUI
DwAvQRvrvq2GWKgb7xNwrOaftqQ5ZTFp+sgdMb6d0YSY4ZOLjb0d5tfA+fH4cbtJ
jD2siZ+2Z0alitAkDu94HWQ5vV9RjBKTgXuu0DwV+V2QF362DVBGpLJhWkB0MCw9
2qg19wQU+b2pJxwBn4A1/jdwfG9yOajZnXzfQyTbMXamZ4/E3BPSdlXPci4tgE8U
2I0iVQJkN4m8b5sqQ5AMqVhMdGG2mBt4EwoWJ7fKzvHy44BKF1E754FEutGB4z8l
Kw9VkDpb+VmOVmSTG739tAdVTRcTQ4/baBHLaE85bKtl8SrORCyfbS2G+EnF2D3N
fMaXV97MjXXf
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:38:55 2023 by rpki-client on console-fra.rpki-client.org